/*
 * @filename DefaultSecurityManager.java
 * @author barry
 * @version 0.0.1
 * @date 2020年1月3日
 */
package com.bnzj.cloud.security;

import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;

import javax.annotation.Resource;
import javax.persistence.Tuple;

import com.bnzj.cloud.business.core.service.SysResourceService;
import com.bnzj.cloud.business.core.service.SysRoleService;
import org.apache.commons.collections4.CollectionUtils;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.web.authentication.switchuser.SwitchUserFilter;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

import com.bnzj.core.util.FbConstant;
import com.bnzj.core.web.security.SecurityResourceManager;

/**
 * @author barry
 * @date 2020-01-03
 */
@Component
public class DefaultSecurityResourceManager implements SecurityResourceManager {
    private static final Set<ConfigAttribute> basicRoleSet = new HashSet<ConfigAttribute>();
    
    @Resource
    private SysRoleService roleService;
    
    @Resource
    private SysResourceService resourceService;
    
    static {
        basicRoleSet.add(new SecurityConfig("basic"));
    }

    @Override
    public Set<ConfigAttribute> getBasicRoleSet() {
        return basicRoleSet;
    }

    @Override
    public Set<ConfigAttribute> getAllRoleSet() {
        return roleService.findAllCode().parallelStream().map(code -> new SecurityConfig(code)).collect(Collectors.toSet());
    }

    @Override
    public Map<String, Set<ConfigAttribute>> getResourceMap() {
        List<Tuple> list = resourceService.findAllUrlAndRoleCode();
        System.out.println(list);
        Map<String, Set<ConfigAttribute>> map = list.parallelStream().collect(Collectors.toMap(e -> {
            return e.get("url", String.class);
        }, e -> {
            String code = e.get("code", String.class);
            if(!StringUtils.isEmpty(code)) {
                return Arrays.asList(code.split(",")).parallelStream().map(k -> new SecurityConfig(k)).collect(Collectors.toSet());
            }
            return null;
        }));
        return map;
    }

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities(String account) {
        // 获取该用户所有的角色
        Collection<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
        List<String> list = roleService.getAllRoleCodeByAccount(account);
        if (!CollectionUtils.isEmpty(list)) {
            list.forEach(code -> authorities.add(new SimpleGrantedAuthority(code)));
        }
        // 添加员工的基本角色
        Set<ConfigAttribute> basicRoleSet = getBasicRoleSet();
        if (!CollectionUtils.isEmpty(basicRoleSet)) {
            basicRoleSet.forEach(configAttribute -> authorities.add(new SimpleGrantedAuthority(configAttribute.getAttribute())));
        }
        if (FbConstant.ADMIN.equals(account)) {
            // 给管理员添加切换用户的角色
            SimpleGrantedAuthority authority = new SimpleGrantedAuthority(SwitchUserFilter.ROLE_PREVIOUS_ADMINISTRATOR);
            authorities.add(authority);
        }
        return authorities;
    }
}
